Part I. SOA basics

In part I, we introduce the basics that you need to know before embarking on a study of SOA security. We will also help you set up the tools and environment needed for running the examples in this book.

In chapter 1, we introduce the basic ideas behind SOA security by contrasting it with traditional application security. While doing so, we define what we mean by SOA, what we mean by security, and what we mean by SOA security. We also briefly introduce the options you have when implementing SOA security and describe how this book will help adopters of each option.

In chapter 2, we introduce the basics of SOAP-based web services. We cover the essentials of XML, XML namespaces, XML schemas, XPath, WSDL, and SOAP. We also show how you can set up Apache Axis and use JAX-RPC (along with JAXP and DOM) APIs to create and consume SOAP-based web services.

In chapter 3, the focus is on how SOAP can be extended to take care of additional concerns, such as security. We show how you can use JAX-RPC handlers to process SOAP extensions in Apache Axis.

While part I will make sure you are familiar with all the basics needed to understand the SOA security techniques discussed in the rest of the book, it is by no means intended as an authoritative and exhaustive introduction to SOA and its technology underpinnings. The suggestions for further reading at the end of each chapter will tell you how you can obtain a more thorough understanding of SOA basics.